Presentation on Standard on Cost Auditing Knowledge of Business, its Processes and the Business Environment (SCA 104)

Transcription

1 Presentation on Standard on Cost Auditing Knowledge of Business, its Processes and the Business Environment (SCA 104)

2 How Standards on Cost Auditing are formulated? Standards are issued by the Cost Auditing & Assurance Standards Board under the authority of the Council of the Institute of Cost Accountants of India. As per Section 148(3) of the Companies Act 2013, the auditor conducting the cost audit is required to comply with the cost auditing standards. While formulating standards, the CAASB takes into consideration the applicable laws, usage and business environment prevailing in India, relevant provisions of Cost and Works Accountants Act, Rules and Regulations, Code of Professional Ethics, Cost Accounting Standards and other Statements issued by the Institute. The Standards issued by the CAASB are aligned, to the extent possible, with other recognised Standards issued in India and prevailing International Practices. If a particular standard or any part thereof is inconsistent with a law, the provisions of the said law shall prevail.

3 The Board is authorized to issue following literatures: Standards on Quality Control Standards on Cost Auditing Standards on Review Assignments Standards on Assurance Assignments Standards on Related Services Guidance Notes Technical Guides Practice Manuals

4 Clauses Introduction Objectives Scope Definitions Explanation Explains subject matter of SCA in brief, and context in which the SCA is set. Objectives to be achieved by the cost auditor in complying with the requirements of SCA keeping in mind the interrelationships among other SCAs. Scope and applicability of SCA keeping in view subject matter & specific expectations from cost auditor and others in the context in which the SCAs are set. Description of terminology used in SCA. However, no definition can override the meaning defined in law and regulations. Requirements Outlines the specific requirements of SCA. Requirements containing the word shall, is mandatory (Bold Italic) to be complied with, unless stated otherwise The Non Bold Italic part of this section provide further explanation to relevant requirement.

5 SCA Elements Application Guidance Effective Date Statement of Modification Annexure / Appendices Comments Provides further explanation of the requirements and guidance for carrying the requirements set out in the SCA. Covers background information, addresses meaning of requirements and explains the requirements precisely with examples wherever required. However, the actual procedures selected by the cost auditor require the use of professional judgment based on the particular circumstances of the entity. Date from which the application of the SCA is mandatory. SCAs are formulated based on International Standards on Auditing (ISAs) which primarily focus on financial audit. Due to fundamental differences between the scope and methodology of financial and cost audit, Statement of Modifications are issued by the Institute containing comparison to International Auditing Standards. Appendices form part of the application and other explanatory material. The purpose and intended use of an appendix/ annexure are explained in the body of the related SCA, or within the title and introduction of the appendix/ annexure itself.

6 Standards already approved by the MCA on and effective for audit on or after SCA Planning an Audit of Cost Statement SCA Cost Audit Documentation SCA Overall Objectives of the Independent Cost Auditor and the Conduct of an Audit in Accordance with Standards on Auditing SCA Knowledge of Business, its Processes and Business Environment Note: As per direction of MCA, Board has developed 15 more Standards, already been sent to MCA for approval.

7 SCA Agreeing the Terms of Cost Audit Engagements SCA Audit Sampling SCA Audit Evidence SCA Materiality in Planning and Performing Cost Audit SCA Cost Auditor s Responsibility Relating to Fraud in an Audit of Cost Statements SCA Written Representations SCA Evaluation of Misstatements identified during the Cost Audit SCA Analytical Procedures SCA Using the Work of Internal Auditors SCA Using the Work of Cost Auditor s Expert SCA Communication with Those Charged with Governance SCA Communicating Deficiencies in Internal Control to those Charged with Governance and Management SCA Identifying and Assessing the Risks of Material Misstatement SCA The Cost Auditor s Response to the Assessed Risk SCA Related Parties

8

9 In performing an audit of cost statements, cost records and other related documents, the cost auditor should have knowledge of the client s business to enable him to understand the processes and express his opinion on the cost statements. Cost auditor s level of knowledge for a cost audit engagement should include a general knowledge of the economy and the industry within which the entity operates, and a more particular knowledge of how the entity operates. Cost auditor is also required to obtain an understanding of internal controls, control environment, risk assessment process, identifying business risks, assessing the likelihood of their occurrence, estimating the significance of the risks and deciding about actions to address those relevant risks. The cost auditor shall also understand the Information Technology environment and control system of the entity to assess the condition.

10 Knowledge of Business An auditor needs to understand the clients business before audit of cost statements. [Current Business scenario, Nature of Business, Product Portfolio, Raw Material Prices Global impact etc., whether it is part of any regulatory scam] An auditor needs to understand the general economic and industry knowledge where it operates. [Global and Domestic market scenario of the product and segment, Pricing impact, economic status of the country, growth potential, Future threats from competitors & imports its impact on cost and profitability etc.] An auditor needs to understand how the organization operates. [The processes on which the organization works, its policies, controls] With Specific industry knowledge, it becomes easier to plan the audit process that aids errors detection. Some sources to get the general information about the industry and entity are Annual Report of the organisation, Annual Report of Competitor Organisation, Internet surfing, Newspapers, Journals, Research Papers Published etc.

11 Nature of the entity Entity and its Environment (Business processes operations, major inputs, Joint & By-Products and Wastages and major outputs etc.) Entity s ownership and governance structure. [Organizational Structure, Controls on or by Sister Organization etc.] Relevant industry, regulatory, and other external factors including the applicable cost and financial reporting framework. [Electricity, petroleum, telecommunication, fertilizer, sugar and drugs & pharmaceutical industries have certain regulatory framework in which they work] Entity s selection and application of cost accounting policies. [Treatment of abnormal events, effect of change of cost accounting policies] Measurement and review of the entity s performance. [Key performance indicators, key ratios, key trends, operating statistics, financial performance analysis, Budgets, forecasts, variance analyses, segment information, divisional/ department performance reports, employee performance measures, incentive compensation etc.]

12 Internal Controls Cost auditor shall obtain an understanding of internal controls relevant to the audit. [Evaluate the design of those controls and determine their proper implementation] Control Environment: The cost auditor shall evaluate whether management has created and maintained a culture of honesty and ethical behavior. [No companies are alike; they are all special and have their own specific conditions. Therefore, an auditor must gather information about both internal and external circumstances for every individual client company audited.] Entity s risk assessment process: The cost auditor shall obtain an understanding of whether the entity has a process for: Identifying business risks relevant to cost reporting objectives; Assessing the likelihood of their occurrence; Estimating the significance of the risks; and Deciding about actions to address those risks. [If cost auditor identified that management failed to assess the risk, then the cost auditor would evaluate why that process failed to identify it and whether there is deficiency in internal control. However, the cost auditor does not have a responsibility to identify or assess all business risk because not all business risks give rise to risks of material misstatement]

13 Management Information System Classes of transactions and their analysis significant to cost statements Procedures, by which transactions and their analysis are initiated, recorded, processed, and reported Related cost accounting records, supporting information used to initiate, record, process and report transactions Reporting process including significant estimates and disclosures. [Reviewing cost elements, GL mapping, assumptions, basis of apportionment should be checked and Product wise Profitability Statement in MIS if available]

14 Control Activities Cost auditor shall obtain an understanding of the control activities, relevant to the audit [Understanding of control activities relevant to cost/management information system in order to assess risks of material misstatement at assertion level and design further audit procedures responsive to assessed risks] Monitoring of Controls Cost auditor shall obtain an understanding of the major activities, that the entity uses to monitor internal control over reporting. [How the entity initiates remedial actions to deficiencies in its controls] Cost auditor shall evaluate the adequacy of the internal audit function in relation to cost records. [If based on responses to inquires by cost auditor, he found relevant may consider it appropriate to read the internal auditor s report}

15 IT (Information Technology) Environment and Control IT Architecture, Systems and programs in use in the entity; [Cost auditor needs to have knowledge of IT systems and its controls.] Controls on access to data; Controls on changes to data in master files, systems or programs; [IT policy, control checks, authorization checks] Integrity of information and security of the data [IT security policy, whether unauthorized changes can be made, level of authorization required to make changes]

16 Assertions in the Audit of Cost Statements Audit Assertions are the implicit or explicit claims and representations made by the management responsible for the preparation of cost statements regarding the appropriateness of the various elements of cost statements and disclosures. Various types are: Occurrence - Costs recognized in the cost statements have occurred and relate to the entity. Completeness - All costs that were supposed to be recorded have been recognized in the cost statements. Accuracy - Costs have been recorded accurately at their appropriate amounts. Cut-off - Costs have been recognized in the correct accounting periods. Measurement - Costs have been correctly measured as per the applicable Standards. Classification - Costs have been classified and presented fairly in the cost statements. Presentation & Disclosure - Costs have been correctly disclosed as per the applicable cost reporting framework.

17 Identifying and Assessing the Risks of Material Misstatement Identify risks including relevant controls that relate to the risk of material misstatements or a risk of fraud; Assess whether the risk is related to recent significant economic, accounting or other developments and, therefore, requires specific attention; Assess whether the risk involves significant transactions with related parties; [Specific consideration of the susceptibility of the cost statements to material misstatement due to fraud or error that could result from the entity s related party relationships and transactions such as How special-purpose entities controlled by management might be used to facilitate pricing management and How transactions between the entity and a known business partner of a key member of management] Assess the degree of subjectivity in the measurement of information related to the risk. Assess whether there arises a need for revising the assessment of risk based on additional audit evidence obtained.

18 Documentation Understanding obtained regarding each of the aspects of the entity and its environment. each of the internal control components. sources of information from which the understanding was obtained. the risk assessment procedures performed. identified and assessed risks of material misstatement at the cost statement level and at the assertion level including items of cost, cost heads and disclosure thereof. The risks identified, and related controls about which the auditor has obtained an understanding. The documentation may be simple in form and relatively brief in case of uncomplicated organization. An audit undertaken by an audit team comprising less experienced individuals may require more detailed documentation to assist them to obtain an appropriate understanding of the entity than one that includes experienced individuals.

19